Service provider based network threat prevention
US7543055B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jun 20, 2006 |
| Grant date | Jun 2, 2009 |
| Priority date | — |
| Expiry date | Feb 1, 2028 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/145
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
Systems and methods responsive to communicated network threats are disclosed. An example method includes assembling a collection of files, inserting a network traffic monitor that identifies a first domain responsible for communicating a known threat, searching for and classifying files not in the collection of files, and updating the collection of files when the classification indicates that the file not in the collection of files is a network threat. An embodiment of a system includes a network traffic monitor, a crawler, a data store, and an analyzer. The network traffic monitor identifies a first domain responsible for communicating a threat. The crawler traverses the first domain and additional domains linked via the first domain. In addition, the crawler identifies changed files. The data store holds a collection of files associated with known threats and files not associated with threats. The analyzer examines and classifies new files and changed files.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.